Microsoft advises how to limit Excel vulnerabilities

Microsoft offers a few "tips" for users not to be "bogged down" in the serious vulnerability of Excel, but did not disclose when a new patch is available.

Picture 1 of Microsoft advises how to limit Excel vulnerabilities Source: CNET Contrary to the security forecasts, Microsoft has not released an emergency patch for the flaw - which is considered extremely serious. However, the software giant asserted "actively building an update".

In the meantime, Microsoft offers a few tips and tricks for users to minimize the risk.

The first reports of the Excel vulnerability began to appear from the end of last week, when Microsoft said hackers had launched an attack to bypass the vulnerability. An attacker could take advantage of the vulnerability to run unauthorized software on a Windows computer, but for this to happen, he first needs to trick users into visiting a website or opening an infected attachment. poisoned.

Vulnerabilities exist in many different versions of Excel, including Excel 2000, Excel 2002 and Excel 2003.

Windows users can temporarily lock this vulnerability by changing the registration settings or setting up the gateway for the e-mail box, blocking the attached Excel file. In addition, users can remove the risk simply by not opening any unknown Excel documents.

Microsoft is currently testing the patch for this vulnerability, but its spokesperson is not sure if the patch will be available with the July security bulletin.

Misfortunes never come alone

This week is indeed a busy week for Microsoft. The Excel vulnerability was discovered just a few days after the June security bulletin was released (patching up to 21 bugs in Windows products).

On Monday, the company struggled to investigate an attack, shutting down Microsoft's website in French.

By yesterday, PC Mag announced the discovery of yet another extremely critical vulnerability in Excel. This vulnerability can also be exploited if the user is tricked into clicking a link inside an Excel document.

Microsoft has not recorded any cases that drill into the flaw, but the attack code has been published on the Milw0rm site earlier this morning.

Secunia said the vulnerability affects Microsoft Office 2000, Excel Viewer 2003, Excel 2003, Excel 2002, Excel 2000, Microsoft Office 2003 Professional Edition, Microsoft Office 2003 and Microsoft Office XP.

Thien Y